Skip Navigation Links | |
Exit Print View | |
Oracle Solaris Administration: ZFS File Systems Oracle Solaris 11 Information Library |
1. Oracle Solaris ZFS File System (Introduction)
2. Getting Started With Oracle Solaris ZFS
3. Oracle Solaris ZFS and Traditional File System Differences
4. Managing Oracle Solaris ZFS Storage Pools
5. Managing ZFS Root Pool Components
6. Managing Oracle Solaris ZFS File Systems
Managing ZFS File Systems (Overview)
Creating, Destroying, and Renaming ZFS File Systems
ZFS Read-Only Native Properties
Settable ZFS Native Properties
Querying ZFS File System Information
Querying ZFS Properties for Scripting
Using Temporary Mount Properties
Sharing and Unsharing ZFS File Systems
Displaying ZFS Share Information
ZFS File Sharing Within a Non-Global Zone
New ZFS Sharing and Legacy Share Command Summary
Setting ZFS Quotas and Reservations
Setting Quotas on ZFS File Systems
Setting User and Group Quotas on a ZFS File System
Setting Reservations on ZFS File Systems
Changing an Encrypted ZFS File System's Keys
Delegating ZFS Key Operation Permissions
Mounting an Encrypted ZFS File System
Interactions Between ZFS Compression, Deduplication, and Encryption Properties
Examples of Encrypting ZFS File Systems
How to Migrate a File System to a ZFS File System
Troubleshooting ZFS File System Migrations
7. Working With Oracle Solaris ZFS Snapshots and Clones
8. Using ACLs and Attributes to Protect Oracle Solaris ZFS Files
9. Oracle Solaris ZFS Delegated Administration
10. Oracle Solaris ZFS Advanced Topics
11. Oracle Solaris ZFS Troubleshooting and Pool Recovery
12. Archiving Snapshots and Root Pool Recovery
13. Recommended Oracle Solaris ZFS Practices
In this Solaris release, you create a ZFS file system share and publish the share as follows:
Create the file system share and define the NFS or SMB share properties by using the zfs share command.
Using a separate command to create a share provides the following features:
Defines the options that are used to share a particular path in a file system.
Multiple shares can be defined per file system, but a share name is used to uniquely identify each share.
A share can define options for both NFS and SMB sharing.
Multiple SMB paths can be can be defined for a single directory path.
The share is stored in a file in the .zfs/share directory with the name of the share.
The interaction between the defined shares and the sharenfs and sharesmb properties is as follows:
The existing sharenfs property controls whether the file system is published over NFS. The value is on or off. This property is inheritable by descendent file systems.
The existing sharesmb property controls whether the file system is published over SMB. The value is on or off. This property is inheritable by descendent file systems.
When the sharenfs or sharesmb property is set to on, all defined shares for the file system (and all descendent file systems inheriting the property) are published for the appropriate protocol. All defined shares are also published when the zfs share command is issued.
If no shares are defined, the file system is not shared.
If shares are defined for the file system, then only those shares are published. The mount point of the file system is only shared if a share exists that explicitly shares it.
When the sharenfs or sharesmb property is set to off, all published shares for the file system (and all descendent file systems inheriting the property) are unpublished for the appropriate protocol. These shares remain unshared until the sharenfs or sharesmb property is set to on.
None of the defined shares are removed when the property is set to off and are re-shared the next time the sharenfs or sharesmb property is set to on.
When the zfs unshare command is issued, all published shares for the file system are unpublished. These shares remain unshared until the zfs share command is issued for the file system.
None of the defined shares are removed when the zfs unshare command is issued, and are re-shared the next time the zfs share command is issued.
This section details some of the differences between the new sharing syntax and legacy sharing syntax.
The primary new sharing differences are as follows:
The zfs set share command replaces the sharemgr interface for sharing ZFS file systems.
The sharemgr interface is no longer available. The legacy share command and the sharenfs property are still available. See the examples below.
The /etc/dfs/dfstab file still exists but modifications are ignored. SMF manages ZFS or UFS share information so that file systems are shared automatically when the system is rebooted, similar to the way ZFS mount and share information is managed.
The share -a command is like the share -ap command so that the file system share is persistent.
Descendent file systems do not inherit share properties. If a descendent file system is created with an inherited sharenfs property set to on, then a share is created for the new descendent file system.
Legacy sharing syntax is still supported.
Use the share command to share a file system.
For example, to share a ZFS file system:
# share -F nfs /tank/zfsfs # cat /etc/dfs/sharetab /tank/zfsfs - nfs rw
The above syntax is identical to sharing a UFS file system:
# share -F nfs /ufsfs # cat /etc/dfs/sharetab /ufsfs - nfs rw /tank/zfsfs - nfs rw
The zfs share command cannot be used to initially share a file system until the sharenfs property is set.
# zfs share rpool/data cannot share 'rpool/data': legacy share use share(1M) to share this filesystem, or set the 'share' property and set [sharenfs|sharesmb] property on # zfs set sharenfs=on rpool/data # cat /etc/dfs/sharetab /rpool/data - nfs rw
All methods publish the file system shares immediately.
The new zfs set share command is used to share a ZFS file system over the NFS or SMB protocols. The share is not published until the sharenfs set property is also set on the file system.
Use the zfs set share command to create an NFS or SMB share of ZFS file system and also set the sharenfs property.
# zfs create rpool/fs1 # zfs set share=name=fs1,path=/rpool/fs1,prot=nfs rpool/fs1 name=fs1,path=/rpool/fs1,prot=nfs
The share is not published until the sharenfs or sharesmb property is set to on. For example:
# zfs set sharenfs=on rpool/fs1 # cat /etc/dfs/sharetab /rpool/fs1 fs1 nfs sec=sys,rw
A public NFS share can be created as follows:
# zfs set share=name=pp,path=/pub,prot=nfs,sec=sys,rw=*,public rpool/public name=pp,path=/pub,prot=nfs,public=true,sec=sys,rw=* # zfs set sharenfs=on rpool/public # cat /etc/dfs/sharetab /pub pp nfs public,sec=sys,rw
You can also create a share of a newly created ZFS file system by using syntax similar to the following:
# zfs create -o mountpoint=/ds -o sharenfs=on rpool/ds
When you create a NFS share of a ZFS file system, you must provide the following share components:
Identify a name for your share. Maximum share name is 80 characters.
Identify a path for your NFS share that must exist within the file system or directory to be shared.
Identify the protocol as NFS or SMB.
Identifies the ZFS file system to be shared.
Additional share options are:
Provides text that might help identify the share. Spaces or commas in the description must be enclosed in quote marks (" ").
Identifies whether the share is available as read/write or read-only to all clients. You can also specify a colon-separated list that includes hostnames, IP addresses, or a netgroup.
Identifies a root user from a specified host or list of hosts have root access. By default, no host has root access.
Identifies a NFS server security mode, such as sys, dh, krb5, and so on. For supported security mode information, see nfssec(5).
The following NFS properties must be specified after prot=nfs, but before any sec= properties.
anon=user-name|uid
nosub=true|false
nosuid=true|false
aclok=true|false
public=true|false
index=filename
log=TYPE_LOGTAG
cksum=TYPE_STRINGSET
The following optional SMB properties must be specified after the prot=smb property:
ad-container=string
abe=[true|false]
csc=[disabled|manual|auto|vdo]
catia=[true|false]
guestok=[true|false]
ro=access-list
rw=access-list
none=access-list
See share_nfs(1M) and share_smb(1M) for a detailed description of NFS and SMB share properties.
As in the previous releases, you display the value of the sharenfs property by using zfs get sharenfs property or by using the zfs get all command syntax.
# zfs get sharenfs rpool/fs1 NAME PROPERTY VALUE SOURCE rpool/fs1 sharenfs on local
The new share information is available by using the zfs get share command.
# zfs get share rpool/fs1 NAME PROPERTY VALUE SOURCE rpool/fs1 share name=rpool_fs1,path=/rpool/fs1,prot=nfs local
The new share information is not available in the zfs get all command syntax.
If you create a share of a newly created ZFS file system, use the zfs get share command to identify the share-name name or the share-path name. For example:
# zfs create -o mountpoint=/data -o sharenfs=on rpool/data # zfs get share rpool/data NAME PROPERTY VALUE SOURCE rpool/data share name=data,path=/data,prot=nfs local
Inheritance of the zfs share property and the sharenfs or the sharesmb property works as follows:
The zfs share property is not inherited from a parent to a descendent file system. In addition, the zfs set share command does not support the -r option to set a ZFS property on descendent file systems.
If the sharenfs or the sharesmb property is set on a parent file system, the sharenfs or the sharesmb property is also set on the descendent file systems. For example:
# zfs create -o mountpoint=/ds rpool/ds # zfs set share=name=ds,path=/ds,prot=nfs rpool/ds name=ds,path=/ds,prot=nfs # zfs set sharenfs=on rpool/ds # cat /etc/dfs/sharetab /ds rpool_ds nfs sec=sys,rw # zfs create rpool/ds/ds1 # zfs get sharenfs rpool/ds/ds1 NAME PROPERTY VALUE SOURCE rpool/ds/ds1 sharenfs on inherited from rpool/ds
Any existing child file system also inherits the parent's sharenfs or sharesmb property value.
If the sharenfs or the sharesmb property is set to off on the parent file system, the sharenfs property or the sharesmb property is set is to off on the descendent file systems. For example:
# zfs set sharenfs=off rpool/ds $ zfs get -r sharenfs rpool/ds NAME PROPERTY VALUE SOURCE rpool/ds sharenfs off local rpool/ds/ds1 sharenfs off inherited from rpool/ds rpool/ds/ds2 sharenfs off inherited from rpool/ds rpool/ds/ds3 sharenfs off inherited from rpool/ds
The name and protocol properties must be specified when you change share property values.
For example, create an NFS share like this:
# zfs create -o mountpoint=/ds -o sharenfs=on rpool/ds # zfs set share=name=ds,path=/ds,prot=nfs rpool/ds name=ds,path=/ds,prot=nfs
Then, add the SMB protocol:
# zfs set share=name=ds,prot=nfs,prot=smb rpool/ds name=ds,path=/ds,prot=nfs,prot=smb
Remove the SMB protocol:
# zfs set -c share=name=ds,prot=smb rpool/ds name=ds,path=/ds,prot=nfs
You can remove an existing share by using the zfs set -c command. For example, identify the share name.
# zfs get share NAME PROPERTY VALUE SOURCE rpool/ds share name=ds,path=/ds,prot=nfs local
Then, remove the share by identifying the share-name name. For example:
# zfs set -c share=name=ds rpool/ds share 'ds' was removed.
If a share is established by creating a default share, when the file system is created, then a share can be removed by the share-name name or the share-path name. For example, this share is given a default share-name name, data, and a default share-path name, /data.
# zfs create -o mountpoint=/data -o sharenfs=on rpool/data # zfs get share rpool/data NAME PROPERTY VALUE SOURCE rpool/data share name=data,path=/data,prot=nfs local
Remove the share by identifying the share-name name. For example:
# zfs set -c share=name=data rpool/data share 'data' was removed.
Remove the share by identifying the share-path name. For example:
# zfs set -c share=path=/data rpool/data share 'data' was removed.
In previous Solaris releases, you could not create and publish NFS or SMB shares in a Oracle Solaris non-global zone. In this Solaris release, you can create and publish NFS shares by using the zfs set share command and the legacy share command with a non-global zone.
If a ZFS file system is mounted and available in a non-global zone, it can be shared in that zone.
A file system can be shared in the global zone if it is not mounted in a non-global zone or is not shared to a non-global zone.
If a ZFS file system's mountpoint property set to legacy, the file system can be shared by using the legacy share command.
For example, the /export/home/data and /export/home/data1 file systems are available in the zfszone.
zfszone# share -F nfs /export/home/data zfszone# cat /etc/dfs/sharetab /export/home/data export_home_data nfs sec=sys,rw
zfszone# zfs set share=name=data1,path=/export/home/data1,prot=nfs tank/zones/export/home/data1 zfszone# zfs set sharenfs=on tank/zones/export/home/data1 zfszone# cat /etc/dfs/sharetab /export/home/data1 data1 nfs sec=sys,rw
This table describes the new ZFS file system sharing syntax and the legacy sharing syntax.
Table 6-5 ZFS Sharing and Legacy Share Command Summary
|
You can't share a parent file system if a subdirectory or descendent file system is already shared.
# share -F nfs /rpool/fs2/dir1 # share -F nfs /rpool/fs2/dir2 # share -F nfs /rpool/fs2 share: NFS: descendant of path is shared: /rpool/fs2/dir1 in rpool_fs2_dir2
Renaming a share that is created with the zfs set share command is not supported.
You can create a file system share with both NFS and SMB protocols by using the zfs set share command. For example:
# zfs set share=name=ds,path=/ds,prot=nfs,prot=smb rpool/ds name=ds,path=/ds,prot=nfs,prot=smb
If you want to create a file system share with both NFS and SMB protocols by using the legacy share command, you must specify the command twice. For example:
# share -F nfs /rpool/ds # share -F smb /rpool/ds # zfs get share rpool/df name=rpool_ds,path=/rpool/ds,prot=nfs,prot=smb
A share path or description that includes a comma (,) must be quoted with double quotes.
Identify any transition issues in this section.
Upgrading your system – ZFS shares will be incorrect if you boot back to an older BE due to property changes in this release. Non-ZFS shares are unaffected. If you plan to boot back to an older BE, you should first save a copy of the existing share configuration prior to the pkg update operation to be able to restore the share configuration on the ZFS file systems.
In the older BE, use the sharemgr show -vp command to list all shares and their configuration.
Use the zfs get sharenfs filesystem command and the zfs sharesmb filesystem commands to get the values of the sharing properties.
If you back to an older BE, reset the sharenfs and sharesmb properties to their original values.
Legacy unsharing behavior – Using the unshare -a command or unshareall command unpublishes a share, but does not update the SMF shares repository. If you try to re-share the existing share, the shares repository is checked for conflicts, and an error is displayed.